Hackers have targeted Google Chrome users in a frightening 2FA bypass attack with dozens of extensions compromised with malicious code—here’s what we know so far.

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

As reported by The Hacker News, a dangerous new campaign targeting browser extensions has been spotted online. So far, at least 16 extensions have been compromised, with over 600,000 Chrome users now at risk of exposing their browsing data and account credentials online.

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

A cyberattack campaign of advanced complexity has been identified, targeting 16 Chrome extensions with the intention of stealing sensitive information from Facebook ad users. Cybersecurity firm Cyberhaven has conducted an initial investigation,

Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a